<?php

if(!file_exists('config.php')){
	copy('config.php.example','config.php') or die('Please copy config.php.example -> config.php');
}

if(!file_exists('invite.php')){
	copy('invite.php.example','invite.php') or die('Please copy invite.php.example -> invite.php');
}

require_once 'common.php';

if(!function_exists('curl_init')){
	echo "<font color='red'>CURL</font> is required. Please check whether <font color='red'>CURL</font> is supported by your host.<br />";
	exit;
}
if(OAUTH_CONSUMER_KEY == 'Your oauth_consumer_key here.'){
	echo "Please fill your own <font color='red'>OAUTH_CONSUMER_KEY</font> and <font color='red'>OAUTH_CONSUMER_SECRET</font> into <font color='red'>config.php</font>. Thank you.";
	exit;
}

if(isset($_GET['logout'])){
	setCookie('un', '', time()-3600*24*1000);
	setCookie('up', '', time()-3600*24*1000);
	setCookie('l', 'bye', time()-3600*24*1000);
	setCookie('Oauth','',time()-3600*24*1000);
	header("location:index.php");
	exit;
}

if(!isset($_POST['u']) && (isset($_GET['oauth']) || isset($_GET['oauth_token']))){
	setCookie('Oauth', 'oauth', time()+3600*24*1000);
	user_oauth();
}

if(isset($_POST['login'])){
	setCookie('Oauth','',time()+3600*24*1000);
	$request = API_URL.'/account/verify_credentials.json';
	$user = raw_twitter_process($_POST['u'],$_POST['p'],$request);

	if (!($user===false) && !($user->error)) {
		setCookie('l', 'OK', time()+3600*24*1000);
		setCookie('un', $_POST['u'], time()+3600*24*1000);
		setCookie('up', $_POST['p'], time()+3600*24*1000);
		header("location:index.php");
		exit;
	} else {
		setCookie('un', '', time()-3600*24*1000);
		setCookie('up', '', time()-3600*24*1000);
		setCookie('l', 'bye', time()-3600*24*1000);
	}
}

if(isset($_POST['oauthlogin'])){
	session_start();
	setCookie('Oauth','',time()+3600*24*1000);
	require_once 'OAuth.php';	
	$params = array('oauth_callback' => BASE_URL);
	$response = oauth_process('https://twitter.com/oauth/request_token', $params);
	parse_str($response, $token);
	$_SESSION['oauth_request_token_secret'] = $token['oauth_token_secret'];
	$authorise_url = 'https://twitter.com/oauth/authorize?oauth_token='.$token['oauth_token'];

	$cookies = getcwd().'/tmp/'.MD5(time());
	@file_put_contents($cookies,'');

	$ch = curl_init();
	curl_setopt($ch, CURLOPT_URL, $authorise_url);
	curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
	curl_setopt($ch, CURLOPT_HEADER, false);
	curl_setopt($ch, CURLOPT_COOKIEFILE, $cookies);
	curl_setopt($ch, CURLOPT_COOKIEJAR, $cookies);
	curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
	$str = curl_exec($ch);
	curl_close($ch);

	$authenticity_pattern = '/.*input name="authenticity_token" type="hidden" value="([a-z0-9]*)".*/';
	preg_match($authenticity_pattern,$str,$matches);
	$postdata = "authenticity_token=".$matches[1];
	$oauth_token_pattern = '/input id="oauth_token" name="oauth_token" type="hidden" value="([A-Za-z0-9]*)".*/';
	preg_match($oauth_token_pattern,$str,$matches);
	$postdata .= "&oauth_token=".$matches[1];
	$postdata .= "&session[username_or_email]=".$_POST['u']."&session[password]=".$_POST['p']."&submit=Allow";
	$url = "https://twitter.com/oauth/authorize";

	$ch = curl_init();
	curl_setopt($ch, CURLOPT_URL, $url);
	curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
	curl_setopt($ch, CURLOPT_HEADER, false); 
	curl_setopt($ch, CURLOPT_COOKIEFILE, $cookies);
	curl_setopt($ch, CURLOPT_COOKIEJAR, $cookies);
	curl_setopt($ch, CURLOPT_POST, true);
	curl_setopt($ch, CURLOPT_POSTFIELDS, $postdata);
	curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
	$str = curl_exec($ch);
	curl_close($ch);

	@unlink($cookies);

	// Method 1:
	if(strpos($str,'Invalid user name or password') === false){
		echo $str;
		exit;
	}

	// Method 2:
	//$redirect_url_pattern = '/<a href="([^"]*)">click here<\/a>/';
	//preg_match($redirect_url_pattern,$str,$matches);

	//if(!empty($matches[1])){
	//	header("Location: ".$matches[1]);
	//	exit();
	//}
}

header("Expires: Mon, 26 Jul 1970 05:00:00 GMT");
header("Last-Modified: ".date("D, d M Y H:i:s")." GMT");
header("Cache-Control: no-cache, must-revalidate");  
header("Pragma: no-cache");

if(!isLogin()){
	require "_login.php";
}
else{
	if(INVITE){
		$request = API_URL."/account/verify_credentials.json";
		$tmp = twitter_process($request);
		require 'invite.php';
	}
	require "_main.php";
}

?>
